From 398413024def98cb82771db57af2a4a89075e5fe Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Tue, 23 Mar 2021 12:06:45 +0100
Subject: [PATCH] SECP224K1 is not yet supported via the PSA API

Filed as https://github.com/ARMmbed/mbedtls/issues/3541. In the
meantime, disable the feature.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
---
 include/mbedtls/config_psa.h | 3 ++-
 include/psa/crypto_config.h  | 3 ++-
 2 files changed, 4 insertions(+), 2 deletions(-)

diff --git a/include/mbedtls/config_psa.h b/include/mbedtls/config_psa.h
index c46ed56a5..39a500163 100644
--- a/include/mbedtls/config_psa.h
+++ b/include/mbedtls/config_psa.h
@@ -678,7 +678,8 @@ extern "C" {
 #define PSA_WANT_ECC_SECP_K1_192
 #endif
 
-#if defined(MBEDTLS_ECP_DP_SECP224K1_ENABLED)
+/* SECP224K1 is buggy via the PSA API (https://github.com/ARMmbed/mbedtls/issues/3541) */
+#if 0 && defined(MBEDTLS_ECP_DP_SECP224K1_ENABLED)
 #define MBEDTLS_PSA_BUILTIN_ECC_SECP_K1_224 1
 #define PSA_WANT_ECC_SECP_K1_224
 #endif
diff --git a/include/psa/crypto_config.h b/include/psa/crypto_config.h
index bad1e34f2..afbaa66e5 100644
--- a/include/psa/crypto_config.h
+++ b/include/psa/crypto_config.h
@@ -87,7 +87,8 @@
 /* Curve448 is not yet supported via the PSA API (https://github.com/ARMmbed/mbedtls/issues/4249) */
 //#define PSA_WANT_ECC_MONTGOMERY_448             1
 #define PSA_WANT_ECC_SECP_K1_192                1
-#define PSA_WANT_ECC_SECP_K1_224                1
+/* SECP224K1 is buggy via the PSA API (https://github.com/ARMmbed/mbedtls/issues/3541) */
+//#define PSA_WANT_ECC_SECP_K1_224                1
 #define PSA_WANT_ECC_SECP_K1_256                1
 #define PSA_WANT_ECC_SECP_R1_192                1
 #define PSA_WANT_ECC_SECP_R1_224                1